Re: [SLUG] debugging dns resolution issues with RES_OPTIONS=debug
2010/1/27 Ben Burke ben.bu...@internode.on.net: Rick, Thanks - yes, that will help, though I don't think I'll get close enough to the problem to decide if it's ip communications or a windows dns server issue. (I could do other connectivity tests to the dns servers, same result) I came across these options when working with a really nasty performance problem, involving AIX dns clients, resolving names on win2k3 servers. At the time, I was being pushed to populate hosts files on dozens of unix hosts, rather than get to the bottom of what was going on. Eventually, we found that the AIX version in use would attempt ipv6 style dns client behaviour several times, before failing back to ipv4 behaviour. At the time, IBM gave us no support what so ever - just blamed microsoft. As usual, the way to solve a vendor war is, get to the root of the problem. I'm pretty clueless on where gethostbyname lives in the os. My guess would be, a shared library that many programs link against, rather than part of the kernel.. This was the kind of info I was looking for. Hi Rick gethostbyname is part of GNU libc implementation. Therefore, you'd have to check out its resolver library to do anything serious with `options debug` on your /etc/resolv.conf (its disabled by default for some reason). Other implementations such as AIX which you use has it enabled by default. AFAIK, most BSDs have them enabled too. HTH [...] -- Regards Ishwor Gurung Key id:0xa98db35e Key fingerprint:FBEF 0D69 6DE1 C72B A5A8 35FE 5A9B F3BB 4E5E 17B5 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] grub2 menu highlighting
Hi Meryl, 2010/1/10 meryl gnu...@aromagardens.com.au: I'm not sure if this is pebcak or a bug I may have included a lot of [...] As a work around - my thoughts are to maybe delete the generic-pae entries from /grub. Or can I reorder the menuentry list to put Ubuntu, Linux 2.6.31-17-generic at the top? The default entry is determined by the DEFAULT= setting in /etc/default/grub; the first menuentry is has a value of 0 (from the same page). So, perhaps try - DEFAULT=menu_entry_number ? [...] -- Regards Ishwor Gurung Key id:0xa98db35e Key fingerprint:FBEF 0D69 6DE1 C72B A5A8 35FE 5A9B F3BB 4E5E 17B5 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Port forwarding weirdities
Hi Jeremy, 2009/11/3 Jeremy Visser jer...@visser.name: On Wed, 2009-10-28 at 21:37 +1100, Ishwor Gurung wrote: What about just dumping NAT table i.e., without the grep magic foo? Sure. I've attached an `iptables -t nat -L` from working, and broken. [...] What's weird is that the line that should make all the difference (the last line in both attachments) doesn't change at all. At time of writing, the brokenness is sending traffic from port 1240 to port 81 instead of 80. (Has now been ports 82 and 95 in the past.) This is sad. Indeed sad. The only differences between the two dumps are that Transmission doesn't have one of its UDP port forwards for some reason, our (dynamic) WAN IP has changed, and I pulled another port forward that I wasn't using. Given that it has been working and broken without much change, I cannot put my finger on what it is. Hrmm. Try patching it against r17555 and see how it goes - https://dev.openwrt.org/changeset/17555. There are a bunch of fixes in r16278 plus try disable QOS'ing packets (seems to be the common wisdom of the ticket discussion) I think it could be a bug in OpenWRT. What specific revision is it? I'm running Kamikaze 8.09.1, r16278. Isn't that the stock one? This is quiet interesting https://dev.openwrt.org/roadmap says pptp nat conntrack removed, cause of dnat off-by-one port forwarding bug (r17555). But in your case though its definitely _more_ than off-by-one port fwd in the dnat. hrmm. I feel this is a definitely a bug. File a bug report I'd say (which is rather another question. _Why_ on earth wouldn't you file a bug report?) I mentioned in my previous post that I don't have my wrt with me atm so proceed with caution. These were the summary of latest patches by agb so far- 606-netfilter_NETMAP.patch 5.6 KB 17555 8 weeks agb: merge r17552 to 8.09 [generic-2.4] remove nat pptp conntracking patch // 610-netfilter_connbytes.patch 17.0 KB 17555 8 weeks agb: merge r17552 to 8.09 [generic-2.4] remove nat pptp conntracking patch // 613-netfilter_nat_h323.patch 26.8 KB 17555 8 weeks agb: merge r17552 to 8.09 [generic-2.4] remove nat pptp conntracking patch Sorry can't be of much help. I don't have time nor energy to write a patch. -- Regards, Ishwor Gurung -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Port forwarding weirdities
Hi, Okay, so, I have a Linksys WRT54G running OpenWrt, serving as the Internet router for our home. You know the drill — NAT, PPPoE, whatever. Router's LAN IP address is 192.168.0.1. Several port forwards are in place (y'know — SSH, HTTP, SMTP, IMAP, and whatnot) that are already working beautifully. I'm also wanting to forward TCP port 1240 on the WAN side to port 80 on my box, 192.168.0.23, for running a test web server. (Oh, if only I could give non-technical people a link to my IPv6 address instead.) Heh.. :) So here's the OpenWrt config I use to do this. Should look sane, even if you've not used OpenWrt before: config 'redirect' option 'src' 'wan' option 'proto' 'tcp' option 'src_dport' '1240' option 'dest_ip' '192.168.0.23' option 'dest_port' '80' And when you run `/etc/init.d/firewall restart`, it generates the following iptables rule as a result: r...@openwrt:~# iptables -t nat -L | grep 1240 DNAT tcp -- anywhere anywhere tcp dpt:1240 to:192.168.0.23:80 What about just dumping NAT table i.e., without the grep magic foo? NAT'ing 1240-80 is fine but then as Dr. Peter Chubb mentions, 80-(could_be_any_arbritrary_port_here) which you are obviously not listing it here. Right? Which all worked fine for a week or two. But then for some mysterious reason, when I try and access port 1240 from the WAN side, it started to send traffic to port 95 on my LAN side! (Despite iptables still reporting port 80.) I rebooted the router (to no avail), reset the firewall configs, ran tcpdump, wireshark, and whatnot, and the mangling of the port is definitely something that was happening on the router. (tcpdump showed me packets exiting the LAN side bound for port 95; no pun intended.) So as a quick workaround, I made Apache on my box listen on port 95 as well as port 80, which 'fixed' it. No biggie. Except now it's trying to access port 82 on my box when I hit 1240 on the WAN site. I have not changed any configuration on the router, and if I type `uptime` I can tell it hasn't even rebooted since it was last going to port 95. This is so totally weird, and driving me absolutely insane. All other port forwards work perfectly. Oh, somebody shut down the IPv4 Internet already! One of my mate said he had the same issue (he fixed it but I don't know how he did it, I told him to type a little bit more using his fingers and choose lesser automagic foo configs in his wrt :-) I think it could be a bug in OpenWRT. What specific revision is it? Also, there's a ticket for it if you want to read https://dev.openwrt.org/ticket/2558 and it _seems_ that its related to nat specifically. Also, try newer revision as reported by one users success if you haven't (I do not have my wrtgl with me atm) :-) [...] -- Regards, Ishwor Gurung -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Thanks RE:Network Traffic Visualisation - any gui prgs/interfaces?
Hi, This isn't specific to your problem but here it is anyway - http://projects.zumkuckuck.com/realtime/ Thanks to Glen, db, peter and David for replies re above. iftop is almost what I wanted - Wireshark is the closest but a bit involved to setup and get running ( at least it was for me) but I've got it working. iftop has more granular view of the data points so does wireshark/tcpdump. The one I post above is a custom solution developed mainly AFAIK for large scale network visualization that probably has the provision to see beyond just aggregated packets at each IX over the wire like zooming in/out into the individual IXs and so on.. (really interesting though how its presented :-) programmed using Opensource language called Processing. Are there any out-of-the-box solution like such that we can just plug in and start playing? Thanks! :) [...] -- Regards, Ishwor Gurung -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Vanilla kernel headers
Daniel Hi :-) I assume you worked it out, but the answer to your original question is: You need the kernel headers (and configuration) that match the kernel you are building the module against. The any-any patch helps with newer kernels, but doesn't change the equation: build VMWare against the same headers as the kernel. The reason for this is that different kernels, and different configuration options, all change the layout of binary data structures that the module refers to. Get that wrong and you can go direct to data corruption city, not passing go, and not collecting anything but a lot of grief on the way. I remember compiling headers couple of years ago on Potato/Etch (I think it was Etch. The machine doesn't live with me anymore). Anyway, the thing with vmware-config.pl is that it will _fail_ to compile a proper module if the kernel headers are wrong or missing anyway. So, although your statement might still be valid (the corruption bit... especially if you really intend to corrupt the data using special ABI magickery), I think in the OPs case, it will simply fail to compile+link if he/she gets the wrong headers. -- Regards, Ishwor Gurung -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] VirtualBox2.2+OpenBSD4.4 (fail)
Hi guys, (Pardon since lot of people use *BSD and Linux together but if rude, I'll take it off-list) Ok. It installs fine. However, I keep getting segfaults on simple programs (such as xorgconfig). (I don't have exact text/dmesg to dump right now but I can produce it if required) Is it that VirtualBox isn't emulating x86 hardware properly? Or, is it a bug in obsd? (I am thinking the former). Any Ideas/suggestion are entertained (Trying in VMware right now) Thanks. -- Regards, Ishwor Gurung -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html